﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;

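/// <summary>
/// Code-behind for the member create/modify page. Only a logged-in user whose
/// power string contains "Manager" gets past <see cref="Page_Load"/>; the page
/// then loads one Web_User row for editing or inserts/updates a row on submit.
/// </summary>
/// <remarks>
/// Every SQL statement here is assembled by string concatenation from request
/// and form values. The MsSqlHelper methods visible in this file accept only a
/// finished SQL string, so values are passed through <see cref="SqlLiteral"/>
/// before being embedded. That is a stopgap: move these statements to
/// parameterized commands as soon as the data helper offers a way to do so.
/// </remarks>
public partial class member_membermodify : System.Web.UI.Page
{
    public string EnterpriseName = "";
    public string UserID = "";
    public string UserPower = "";
    public string Footer = "";
    public string id="";

    /// <summary>
    /// Enforces login and the Manager permission, reads the "id" request
    /// parameter and, on the initial (non-postback) request, loads that user.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!Init.islogin(ref UserID, ref EnterpriseName, ref UserPower))
        {
            Response.Redirect("/Login.aspx");
            // Redirect(string) ends the response itself; the explicit return keeps the
            // gate closed even if that call is later changed to a non-terminating overload.
            return;
        }
        // NOTE(review): this is a substring match, so any power string that merely
        // contains "Manager" passes. Confirm the format of UserPower and compare
        // whole role tokens if it is a delimited list.
        if (!UserPower.Contains("Manager"))
        {
            Response.Write("你没有权限！");
            Response.End();
            return;
        }
        this.EnableViewState = false;
        // Request.Params merges query string, form fields, cookies and server
        // variables, so this value is fully caller-controlled.
        id = Request.Params["id"];
        Response.Write(Init.InitDefault());
        
        if (!IsPostBack)
        {
            if (!string.IsNullOrEmpty(id))           
            {
                list(id);
                // NOTE(review): id is request-controlled. If _id is a control that renders
                // Text without encoding (Label/Literal), this reflects input into the
                // page - confirm the control type and HTML-encode if so.
                _id.Text = id;
            }
        }
    }
    Common Init = new Common();
    MsSqlHelper mssql = new MsSqlHelper();

    /// <summary>
    /// Escapes a value for use inside a single-quoted T-SQL string literal by
    /// doubling embedded single quotes. A null value becomes the empty string,
    /// which matches what plain string concatenation did before.
    /// </summary>
    /// <param name="value">Untrusted text that will be placed between single quotes.</param>
    /// <returns>The text with every ' replaced by ''.</returns>
    private static string SqlLiteral(string value)
    {
        return (value ?? "").Replace("'", "''");
    }

    /// <summary>
    /// Loads the Web_User row whose ID equals <paramref name="id"/> and copies
    /// its columns into the form controls. Does nothing when no row matches.
    /// </summary>
    /// <param name="id">Row identifier; taken from the request by the caller.</param>
    public void list(string id = "")
    {
        string sql = "select * from Web_User(nolock) where ID='" + SqlLiteral(id) + "'";
        if (Init.IsDebug)
        {
            // Echoes the query text into the page; keep the debug flag off in production.
            ResultDeBug.Text = sql;
        }
        DataSet ds = mssql.ExecuteDs(sql);
        if (ds.Tables[0].Rows.Count != 0)
        {
            DataRow row = ds.Tables[0].Rows[0];
            sid.Text = row["ID"].ToString();
            userid.Text = row["UserID"].ToString();
            enterprisenames.Text = row["EnterpriseName"].ToString();
            // FindByValue returns null for a state value that is not in the list;
            // skip the selection then instead of failing the whole page.
            ListItem stateItem = userstate.Items.FindByValue(row["UserState"].ToString().ToLowerInvariant());
            if (stateItem != null)
            {
                stateItem.Selected = true;
            }
            userpower.Text = row["UserPower"].ToString();
            lastip.Text = row["LastIP"].ToString();
            lastdate.Text = row["LastDate"].ToString();
            // NOTE(review): the stored password is reversible (Decrypt) and its plaintext
            // is placed into the form. Passwords should be stored as salted one-way
            // hashes and never shown; this page should only ever set a new one.
            newpass.Text =Init.Decrypt(row["UserPass"].ToString()); 
        }
    }

    /// <summary>
    /// Inserts a new Web_User row when no id was supplied, otherwise updates the
    /// row identified by id, then redirects back to this page for that id.
    /// </summary>
    protected void Submit_Click(object sender, EventArgs e)
    {
        // Form values are untrusted: escape each one once, before it reaches any SQL text.
        string Nuserid = SqlLiteral(userid.Text);
        string Nenterprisename = SqlLiteral(enterprisenames.Text);
        string Nuserpower = SqlLiteral(userpower.Text);
        string Nuserstate = SqlLiteral(userstate.SelectedValue);
        string Nuserpass = newpass.Text;
        string sql = "";
        if (string.IsNullOrEmpty(id))
        {
            if (mssql.ExecuteDt("select top 1 1 from Web_User where UserID='" + Nuserid + "'").Rows.Count <= 0)
            {
                sql = "Insert into [Web_User](UserID,UserPass,enterprisename,UserPower,UserState)values('" + Nuserid + "','" + SqlLiteral(Init.Encrypt(Nuserpass)) + "','" + Nenterprisename + "','" + Nuserpower + "','" + Nuserstate + "')";
                mssql.ExecuteSql(sql);
                id = mssql.GetString("select top 1 id from [Web_User] where UserID='" + Nuserid + "'");
                Response.Redirect("membermodify.aspx?id=" + HttpUtility.UrlEncode(id));
            }
            else
            {
                Literal1.Text = "账号已存在";
            }            
        }
        else
        {            
            string rowId = SqlLiteral(id);

            // The login name is changed only when the requested name is not already taken.
            if (mssql.ExecuteDt("select top 1 1 from Web_User where UserID='" + Nuserid + "'").Rows.Count <= 0)
            {
                sql = "update Web_User set UserID='" + Nuserid + "' where id='" + rowId + "' ";
                mssql.ExecuteSql(sql);
            }

            sql = "update Web_User set EnterpriseName='" + Nenterprisename + "',UserPower='" + Nuserpower + "',UserState='" + Nuserstate + "' where id='" + rowId + "' ";
            mssql.ExecuteSql(sql);

            // An empty password field leaves the stored password untouched.
            if (!string.IsNullOrEmpty(Nuserpass))
            {
                sql = "update Web_User set UserPass='" + SqlLiteral(Init.Encrypt(Nuserpass)) + "' where id='" + rowId + "' ";
                mssql.ExecuteSql(sql);
            }
            // id came from the request; encode it so it cannot add parameters to the target URL.
            Response.Redirect("membermodify.aspx?id=" + HttpUtility.UrlEncode(id));
        }
    }
}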